How Red Hat Enterprise Linux Atomic Host Powers OpenShift Online

The OpenShift Online Technical Operations team was looking forward to the beta availability of Red Hat Enterprise Linux Atomic Host. In fact, they participated in early sprints as part of the Atomic Special Interest Group (SIG) to help make sure Red Hat Enterprise Linux Atomic Host had the operational “beef” to stand high alongside Red Hat’s other enterprise products. Part of this process led to us running the unreleased bits in OpenShift Online prior to the beta announcement.

That said, we’re not using it to run some corner niche of our infrastructure. Instead, we are using the Red Hat Enterprise Linux Atomic Host + Docker combo to run our reverse proxy tier. This means that every API, www.openshift.com, and web console request made to OpenShift Online runs through this tier.

So why all the interest? The small size of Red Hat Enterprise Linux Atomic Host is the first thing we noticed. Our team sends paged alerts when security updates happen. The best way to ensure you don’t get paged about a security update is to only have the essentials on your system, fewer packages means fewer alerts. Atomic Host provides this.

Red Hat Enterprise Linux Atomic Host isn’t complete without the Docker engine and tooling and we’re using them to streamline our deployment process. This has involved a complete re-thinking of how we use configuration management and the process of how updates get from our pre-production environment through to production. We also get simplified rollback in case one of our changes doesn’t go according to plan.

The next shift for us is coming from moving to a more stateless environment. Some call it cattle vs pets. Whatever you call it, the desire is to make sure individual systems don’t require much attention and thought while deployed. If you need more, add more. If there’s an issue with an instance, simply destroy it and deploy a new one.